<?php
include_once("common.inc.php");
require_once(_INC_PATH.'database.php');
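$db = new database();

// Legacy "emulated magic quotes": every POST value is trimmed and passed
// through addslashes() before it is used below.
// get_magic_quotes_gpc() was removed in PHP 8.0, so it is only called when it
// still exists; where it is gone nothing was auto-escaped and the loop runs.
// NOTE(review): addslashes() is not charset-aware and does not replace the
// database driver's own escaping or bound parameters. database::insert() is
// not visible in this file -- confirm that it escapes or binds every value
// itself (and that values are then not escaped twice).
if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc())
{
	foreach ($_POST as $pk => $v)
	{
		// Fields submitted as name[]=... arrive as arrays; trim() would raise
		// a warning (TypeError on PHP 8) for them, so they collapse to ''.
		$_POST[$pk] = is_string($v) ? addslashes(trim($v)) : '';
	}
}

// Numeric ids are forced to integers; a missing field becomes 0 and is
// rejected by the check further down.
// $res_cor_id is only validated and $res_page is not used again in this file;
// both are kept as globals because helpers such as delCommentPage() may read
// them -- TODO confirm.
$res_cor_id = isset($_POST['res_cor_id']) ? intval($_POST['res_cor_id']) : 0;
$res_page = isset($_POST['res_page']) ? intval($_POST['res_page']) : 0;
$estimate_id = isset($_POST['quote_id']) ? intval($_POST['quote_id']) : 0;

// NOTE(review): the quoted author's id and name come straight from the request
// body, so the client decides what is stored in user_id / user_name. Prefer
// loading them server-side from the record identified by the validated ids.
$user_id = isset($_POST['quote_userId']) ? $_POST['quote_userId'] : null;
$user_name = isset($_POST['quote_userName']) ? $_POST['quote_userName'] : null;

// NOTE(review): the replying user's identity is read from cookies through
// _getcookie(). This file does not show whether those values are signed or
// bound to a server-side session, and no login check or CSRF token check is
// visible here -- confirm both in common.inc.php before trusting them.
$res_user_id = _getcookie("id");
$res_name = _getcookie("user_name");
$content = trim(isset($_POST['res_comment']) ? $_POST['res_comment'] : '');

$ip = getIP();

if ($estimate_id <= 0 || $res_cor_id <= 0)
{
	errorShow("对不起，回复时发生错误！如有疑问，请联系我们");
	// Stop here even if errorShow() returns, so that a request with invalid
	// ids can never reach the insert below.
	exit;
}

// The deny-word list is optional: "@" hides a failed include, in which case
// filterDenyWords() sees an empty list and the text is stored unfiltered.
@include_once( _INC_PATH."denyWord.php" );

// Only the comment body is HTML-encoded before storage; user_name and res_name
// are stored as received and must be escaped wherever they are rendered.
// With the default flags single quotes are escaped only on PHP 8.1 and later.
$content = htmlspecialchars( $content );
$content = filterDenyWords( $content );

$nowTime = date("Y-m-d H:i:s");
$insertRow = array(
		"estimate_id" => $estimate_id,
		"user_id" => $user_id,
		"user_name" => $user_name,
		"content" => $content,
		"res_user_id" => $res_user_id,
		"res_name" => $res_name,
		"ip" => $ip,
		"show_flg" => '1',
		"create_time" => $nowTime,
		"update_time" => $nowTime,
		"del_flg" => '0'
);

$db->insert( $insertRow , 'tbl_response' );

$db->close();

// Stores the time of this comment in a 12-hour, site-wide cookie.
// NOTE(review): nothing in this file reads "commentltime" back; a cookie alone
// cannot enforce a posting interval because the client controls it.
setcookie("commentltime",time(),time()+3600*12,'/');


$location = delCommentPage();
Location($location);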

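/**
 * Mask every configured deny word in a message.
 *
 * Each non-empty entry of the global $denyWordArray is used as a
 * case-insensitive regular expression (delimiter "#"), and every match in
 * the message is replaced by a single "#".
 *
 * NOTE(review): entries are placed into the pattern without preg_quote(), so
 * regex metacharacters or a "#" inside an entry change or break the pattern.
 * If the list is meant to hold literal words, quote them with
 * preg_quote($denyWord, '#') -- confirm against denyWord.php first.
 *
 * @param string $msg Text to filter.
 * @return string The text with matches masked; returned unchanged when the
 *                deny list is empty or not loaded.
 */
function filterDenyWords($msg)
{
	global $denyWordArray;
	if (empty($denyWordArray))
	{
		return $msg;
	}

	foreach ($denyWordArray as $denyWord)
	{
		// An empty entry would build the pattern "##i", which matches at
		// every position and would scatter "#" through the whole message.
		if ((string) $denyWord === '')
		{
			continue;
		}

		$masked = preg_replace("#" . $denyWord . "#i", "#", $msg);

		// preg_replace() returns null when the pattern is invalid or the
		// engine fails; keep the text filtered so far instead of losing it.
		if ($masked !== null)
		{
			$msg = $masked;
		}
	}
	return $msg;
}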

// Final stop for the request; nothing after the redirect above should run.
exit;
?>